Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/MBAkj5LwWPbPmBmnCTBYdNB-mus.roa
File: MBAkj5LwWPbPmBmnCTBYdNB-mus.roa (raw, json)
Hash identifier: kydT44WX5Xbfml7tKZQYJ5n6go3dnqYBPX6aBrK12s0=
Subject key identifier: 30:10:24:8F:92:F0:58:F6:CF:98:19:A7:09:30:58:74:D0:7E:9A:EB
Certificate issuer: /CN=f541d46893aaa164fe2673990d07aa6c071003c0
Certificate serial: 0520E268
Authority key identifier: F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/MBAkj5LwWPbPmBmnCTBYdNB-mus.roa
Signing time: Wed 27 Apr 2022 23:47:31 +0000
ROA not before: Wed 27 Apr 2022 23:47:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44084
IP address blocks: 217.115.16.0/20 maxlen: 24
45.67.124.0/22 maxlen: 24
2a09:6240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86041192 (0x520e268)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f541d46893aaa164fe2673990d07aa6c071003c0
Validity
Not Before: Apr 27 23:47:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3010248f92f058f6cf9819a709305874d07e9aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:07:e8:32:c4:05:43:c8:30:bf:86:9f:5c:55:
b1:ff:05:4d:97:3b:df:4f:61:a5:43:34:86:7a:49:
5a:02:e4:60:26:b8:73:cc:ee:20:c0:50:83:a4:e1:
99:54:56:23:0e:90:d5:97:f9:0b:0d:cd:72:8b:a2:
b1:ef:5c:9f:50:13:7b:cb:72:bc:be:9e:07:64:be:
99:38:b3:f1:a3:49:87:6a:5a:07:63:0b:48:ad:d7:
3f:a9:1d:13:93:3f:86:d4:e2:bd:e5:0a:57:96:c9:
0f:11:6b:64:31:70:34:2e:dc:b9:c7:a7:93:70:31:
a0:5d:6f:50:2c:34:b3:3c:8a:47:a3:f3:43:a6:85:
2d:53:09:00:0e:04:61:15:d0:af:dd:e9:d0:d8:9e:
bd:26:6d:fb:34:89:ed:22:01:ed:20:d3:13:78:16:
d0:35:6a:93:bd:5b:98:8b:80:61:90:57:f0:4d:41:
72:94:39:0d:c3:70:8d:24:86:93:8d:6f:0c:2f:38:
e8:d0:58:eb:5a:a2:fb:11:bd:c4:5b:29:56:29:dc:
ed:ad:2a:ff:30:84:de:9a:8b:2b:af:89:80:2c:b6:
df:c3:cb:76:3b:06:27:73:b3:9d:3e:4a:ec:c5:f1:
31:f1:37:00:77:b3:cc:f3:9b:c7:96:46:45:bd:42:
51:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:10:24:8F:92:F0:58:F6:CF:98:19:A7:09:30:58:74:D0:7E:9A:EB
X509v3 Authority Key Identifier:
keyid:F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/MBAkj5LwWPbPmBmnCTBYdNB-mus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/9UHUaJOqoWT-JnOZDQeqbAcQA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.124.0/22
217.115.16.0/20
IPv6:
2a09:6240::/29
Signature Algorithm: sha256WithRSAEncryption
54:20:8e:9a:6e:01:fd:e4:d4:1f:ce:08:d1:c0:0f:1e:7d:57:
23:a3:98:72:fc:e6:91:41:83:76:be:64:f2:7e:52:8d:60:e9:
49:98:aa:b6:2f:ce:70:02:90:da:9d:d7:85:f6:7d:a7:d2:e3:
64:c2:c2:e3:7f:32:d6:b5:02:a3:9b:f0:5a:1e:4e:0d:7a:60:
0f:b3:43:76:d5:1a:6d:57:e2:01:f8:1f:3a:18:de:94:15:9e:
80:28:5e:16:07:d3:b1:a9:65:33:91:9d:dc:07:9b:66:a2:25:
22:07:d6:29:26:cb:81:45:34:8a:5a:29:78:0f:03:9d:c0:26:
25:09:1e:85:66:1b:dd:6d:eb:70:35:d7:56:58:7c:8e:ac:8d:
0a:46:7f:f8:73:a3:ef:77:a4:16:bb:7a:ea:e2:55:96:1d:49:
9d:7e:e9:c6:8b:52:b7:de:93:26:57:32:1c:10:25:0e:db:4e:
a5:df:61:76:84:a2:2b:55:3a:c4:1d:24:6c:d4:bb:27:54:78:
44:83:a0:2b:ec:9d:f8:99:91:40:10:ed:22:11:3c:77:09:73:
d5:b9:09:12:cf:35:3f:d7:a6:7a:7a:76:19:01:37:2c:b0:eb:
9e:fa:13:f0:af:65:cb:de:f2:8c:1d:2b:d8:2a:0c:c7:a2:1c:
28:bb:56:34
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBSDiaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTQxZDQ2ODkzYWFhMTY0ZmUyNjczOTkwZDA3YWE2YzA3MTAwM2MwMB4XDTIyMDQy
NzIzNDczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzAxMDI0OGY5MmYw
NThmNmNmOTgxOWE3MDkzMDU4NzRkMDdlOWFlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQH6DLEBUPIML+Gn1xVsf8FTZc7309hpUM0hnpJWgLkYCa4
c8zuIMBQg6ThmVRWIw6Q1Zf5Cw3Ncouise9cn1ATe8tyvL6eB2S+mTiz8aNJh2pa
B2MLSK3XP6kdE5M/htTiveUKV5bJDxFrZDFwNC7cucenk3AxoF1vUCw0szyKR6Pz
Q6aFLVMJAA4EYRXQr93p0NievSZt+zSJ7SIB7SDTE3gW0DVqk71bmIuAYZBX8E1B
cpQ5DcNwjSSGk41vDC846NBY61qi+xG9xFspVinc7a0q/zCE3pqLK6+JgCy238PL
djsGJ3OznT5K7MXxMfE3AHezzPObx5ZGRb1CUZcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQwECSPkvBY9s+YGacJMFh00H6a6zAfBgNVHSMEGDAWgBT1QdRok6qhZP4m
c5kNB6psBxADwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlVSFVhSk9xb1dULUpuT1pEUWVxYkFjUUE4QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvMmU5NWU3LTU2NDQtNDZmMi04ZmEzLTM5OGMwNDUxODllYi8x
L01CQWtqNUx3V1BiUG1CbW5DVEJZZE5CLW11cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
MmU5NWU3LTU2NDQtNDZmMi04ZmEzLTM5OGMwNDUxODllYi8xLzlVSFVhSk9xb1dU
LUpuT1pEUWVxYkFjUUE4QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi1DfAMEBNlzEDANBAIAAjAHAwUD
KgliQDANBgkqhkiG9w0BAQsFAAOCAQEAVCCOmm4B/eTUH84I0cAPHn1XI6OYcvzm
kUGDdr5k8n5SjWDpSZiqti/OcAKQ2p3XhfZ9p9LjZMLC438y1rUCo5vwWh5ODXpg
D7NDdtUabVfiAfgfOhjelBWegCheFgfTsallM5Gd3AebZqIlIgfWKSbLgUU0ilop
eA8DncAmJQkehWYb3W3rcDXXVlh8jqyNCkZ/+HOj73ekFrt66uJVlh1JnX7pxotS
t96TJlcyHBAlDttOpd9hdoSiK1U6xB0kbNS7J1R4RIOgK+yd+JmRQBDtIhE8dwlz
1bkJEs81P9emenp2GQE3LLDrnvoT8K9ly97yjB0r2CoMx6IcKLtWNA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-ams.rpki-client.org